r4805: Last planned change to the privileges infrastructure:

[samba.git] / source3 / auth / auth_util.c

diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 98ecd00d1c50e164bdac68c3c5db4d81890751ce..4a23ec8adc5a1e595215d1aef6faf2eb5716d1a6 100644 (file)
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -493,6 +493,8 @@ void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token)
        for (i = 0; i < token->num_sids; i++)
                DEBUGADDC(dbg_class, dbg_lev, ("SID[%3lu]: %s\n", (unsigned long)i, 
                                               sid_to_string(sid_str, &token->user_sids[i])));
+
+       dump_se_priv( dbg_class, dbg_lev, &token->privileges );
 }
 
 /****************************************************************************
@@ -583,6 +585,10 @@ static NTSTATUS create_nt_user_token(const DOM_SID *user_sid, const DOM_SID *gro
                        ptoken->num_sids--;
                }
        }
+
+       /* add privileges assigned to this user */
+
+       get_privileges_for_sids( &ptoken->privileges, ptoken->user_sids, ptoken->num_sids );
        
        debug_nt_user_token(DBGC_AUTH, 10, ptoken);
        
@@ -1410,12 +1416,13 @@ BOOL make_auth_methods(struct auth_context *auth_context, auth_methods **auth_me
 
 void delete_nt_token(NT_USER_TOKEN **pptoken)
 {
-    if (*pptoken) {
-           NT_USER_TOKEN *ptoken = *pptoken;
-           SAFE_FREE( ptoken->user_sids );
-           ZERO_STRUCTP(ptoken);
-    }
-    SAFE_FREE(*pptoken);
+       if (*pptoken) {
+               NT_USER_TOKEN *ptoken = *pptoken;
+
+               SAFE_FREE( ptoken->user_sids );
+               ZERO_STRUCTP(ptoken);
+       }
+       SAFE_FREE(*pptoken);
 }
 
 /****************************************************************************
@@ -1429,17 +1436,25 @@ NT_USER_TOKEN *dup_nt_token(NT_USER_TOKEN *ptoken)
        if (!ptoken)
                return NULL;
 
-    if ((token = SMB_MALLOC_P(NT_USER_TOKEN)) == NULL)
-        return NULL;
-
-    ZERO_STRUCTP(token);
+       if ((token = SMB_MALLOC_P(NT_USER_TOKEN)) == NULL)
+               return NULL;
 
-    if ((token->user_sids = (DOM_SID *)memdup( ptoken->user_sids, sizeof(DOM_SID) * ptoken->num_sids )) == NULL) {
-        SAFE_FREE(token);
-        return NULL;
-    }
+       ZERO_STRUCTP(token);
+       
+       token->user_sids = (DOM_SID *)memdup( ptoken->user_sids, sizeof(DOM_SID) * ptoken->num_sids );
+       
+       if ( !token ) {
+               SAFE_FREE(token);
+               return NULL;
+       }
 
-    token->num_sids = ptoken->num_sids;
+       token->num_sids = ptoken->num_sids;
+       
+       /* copy the privileges; don't consider failure to be critical here */
+       
+       if ( !se_priv_copy( &token->privileges, &ptoken->privileges ) ) {
+               DEBUG(0,("dup_nt_token: Failure to copy SE_PRIV!.  Continuing with 0 privileges assigned.\n"));
+       }
 
        return token;
 }